1bee22c9e656abf7c9a43227c394f030d5a488ce32fea57bb96a05e48e7cb232

Sharing

Copy URL Twitter E-mail

General

Target

1bee22c9e656abf7c9a43227c394f030d5a488ce32fea57bb96a05e48e7cb232
Size

262KB
MD5

4ad8a5288103475eb561131e8ea1dc56
SHA1

91285637bca8e4c3673e58316331cbbf0248bc90
SHA256

1bee22c9e656abf7c9a43227c394f030d5a488ce32fea57bb96a05e48e7cb232
SHA512

a0ef96103cc90c429a51a27b272da901ea28efaa4107fa433a28eaa2bb06bd06a5cf667dd72fe9007da7cbb511692971afcc210eb565c4f35e676f81e0ff803d
SSDEEP

3072:H+xkUeqC3+gEkAlf53PCUin+2bKchXbqWNBV41Va4Vqnfd9JUpRhyzwM3Bmc5vCm:H+xQhEkACL+shX2WJYVNVafDwAvC3D+H

Score

N/A

Malware Config

Signatures

Files

1bee22c9e656abf7c9a43227c394f030d5a488ce32fea57bb96a05e48e7cb232
.exe windows x86

1a0d16cfd3cf8ab74f908e7f54e823cc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

ScrollWindow
OpenInputDesktop
GetProcessWindowStation
DlgDirListA
CharUpperBuffA
CheckRadioButton
GetScrollRange
DrawFocusRect
EnumWindowStationsA
GetTopWindow
PostMessageW
CreateDesktopA

urlmon

RegisterBindStatusCallback
CreateAsyncBindCtx
URLOpenBlockingStreamW
UrlMkSetSessionOption

wininet

InternetReadFile
InternetSetOptionExA
FtpCreateDirectoryW
InternetCreateUrlA
SetUrlCacheEntryInfoA
InternetCheckConnectionW

gdi32

CancelDC
AddFontResourceW
CreateCompatibleDC
Chord
CombineTransform
CreateDIBPatternBrush

psapi

GetMappedFileNameA

shlwapi

PathCanonicalizeA
PathCompactPathA

kernel32

WriteConsoleW
SetStdHandle
LoadLibraryW
HeapAlloc
GetStringTypeW
MultiByteToWideChar
LCMapStringW
Sleep
HeapFree
GetConsoleMode
GetConsoleCP
HeapReAlloc
FlushFileBuffers
ReadFile
HeapSize
CreateFileW
IsDebuggerPresent
SetFilePointer
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GetFileTime
CloseHandle
UnmapViewOfFile
QueryDosDeviceA
GetLogicalDriveStringsA
GetCurrentProcess
MapViewOfFile
CreateFileMappingA
GetFileSize
FreeLibrary
GetLastError
CreateFileA
LoadLibraryA
FindFirstFileW
ReadConsoleOutputW
GetThreadContext
GetVolumePathNameW
GetPrivateProfileSectionW
UpdateResourceA
RtlUnwind
GetCommandLineA
HeapSetInformation
GetStartupInfoW
DecodePointer
UnhandledExceptionFilter
SetUnhandledExceptionFilter
EncodePointer
TerminateProcess
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
SetLastError
GetCurrentThreadId
GetProcAddress
EnterCriticalSection
LeaveCriticalSection
IsProcessorFeaturePresent
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameW
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
HeapCreate

Sections

.text
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 189KB - Virtual size: 2.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1a0d16cfd3cf8ab74f908e7f54e823cc

Headers

DLL Characteristics

File Characteristics

Imports

user32

urlmon

wininet

gdi32

psapi

shlwapi

kernel32

Sections

.text Size: 56KB - Virtual size: 56KB

.rdata Size: 11KB - Virtual size: 11KB

.data Size: 4KB - Virtual size: 15KB

.rsrc Size: 189KB - Virtual size: 2.5MB

.text
Size: 56KB - Virtual size: 56KB

.rdata
Size: 11KB - Virtual size: 11KB

.data
Size: 4KB - Virtual size: 15KB

.rsrc
Size: 189KB - Virtual size: 2.5MB